Cyber Security and Insider Threat.

Transcription

1 CONFERENCE AGENDA FEBRUARY 18 19, 2015 OTTAWA EFFECTIVE STRATEGIES FOR DEFENDING YOUR DATA AND ORGANIZATION Cyber Security and Insider Threat. Kristin Lovejoy General Manager, IBM Canada Ltd. Cheri F. McGuire Vice-President, Global Government Affairs and Cybersecurity Policy, Symantec Corporation Dr. James L. Norrie Dean, Business and Justice Studies, Utica College #CBoCSecurity

2 Learn about the Conference Board s new Centre on Cyber Security This event will mark the launch of a new Centre at the Board dedicated to cyber security. You will be the first to hear about it s proposed activities and research agenda and have an opportunity to share your own priorities and areas of concern. Gain insights from the experts on insider threat from the technical and social perspective. Take advantage of expert presentation and networking to develop a greater appreciation of today s threat environment and the role of insider threats. Topics for discussion will include how to: understand the range of threats in today s environment identify those employees who might pose a risk of becoming a threat avoid accidental release of information match your defence strategy to the importance of the information you are protecting expand your defences to include contractors as well as direct employees conduct an effective investigation if a breach occurs create a culture that discourages insider threats including an effective whistleblowing process communicate effectively with the public and stakeholders after a breach occurs Don t make the mistake of investing all your resources and focus into defending against yesterday s attack. This event is Canada s only forum devoted to one of the most important emerging threats to your organization insider threat. Those inside your organization enjoy easier access than those outside and their activities are often harder to detect and defend against. As such they can wreak havock by stealing or destroying your data or stealing your intellectual property and passing it on to competitors. The Snowden case is only the tip of the iceberg. All our organizations are vulnerable either to the lone wolf inside who might act from personal grievance or gain, or maybe worse an insider acting on behalf of a larger group motivated either through money or ideology.

3 Agenda DAY 1 / Wednesday, February 18, 2015 AT A GLANCE 7:45 a.m. Registration and Continental Breakfast 8:15 a.m. Opening Remarks from the Chair 8:45 a.m. Plenary Session 1 10:00 a.m. Networking Break 10:30 a.m. Plenary Session 2 11:30 a.m. Plenary Session 3 12:15 p.m. Networking Luncheon 1:15 p.m. Plenary Session 4 2:00 p.m. Plenary Session 5 2:45 p.m. Refreshment Break 3:00 p.m. Plenary Session 6 3:45 p.m. Plenary Session 7 4:45 p.m. Closing Remarks from the Chair 5:00 p.m. Day 1 Adjourns 7:45 a.m. Registration and Continental Breakfast 8:15 a.m. Opening Remarks from the Chair And Overview of Board Research to Date on Cyber Security and Insider Threat Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada 8:45 a.m. Plenary Session 1 Insider Threat Proven Strategies for Identifying and Responding to Potential Threats Dr. Eric Shaw, Consultant, Stroz Friedberg Scott Weber, Managing Director and Leader of the SCOUT Business Unit, Stroz Friedberg Eric Shaw and Scott Weber are two of the top experts in North America on the psychology of insider threats. In this session they will look at the growth vector of insider threats how they get into your organization, how they might become motivated or radicalized before or after joining, the most critical organizational issues that can precipitate dissatisfaction to the point of action. To prevent damage to your organization you need to learn how to be a benign big brother. Their wide-ranging discussion will touch on the most critical issues for HR, IT and leadership in your organization. Among these will be: developing a profile of the archetypal insider threat and using it appropriately understanding behaviours that indicate a possible threat monitoring , texts, etc. and mining this for potential risks but always acting only on behaviour taking an all hazards approach focusing resources understanding whistleblowing policies and the importance of recognizing genuine grievances before they escalate 3

4 DAY 1 / Wednesday, February 18, 2015 using psycholinguistics to determine the credibility of threats how to deal with false positives This extended session offers an outstanding examination of the key challenges posed by insider threats and the latest thinking of those who specialize in helping organizations secure their data from this emerging threat. 10:00 a.m. Networking Break 10:30 a.m. Plenary Session 2 The Insider Threat Malice Not Required Cheri F. McGuire, Vice-President, Global Government Affairs and Cybersecurity Policy, Symantec Corporation In this day and age you need more than a higher and higher wall to defend your organization against cyber threats. In this session, Cheri McGuire of Symantec will challenge your assumptions about what really constitutes an insider threat by exploring some recent, high-profile attacks. Whether caused by a malicious insider or an unwitting employee, the damage from these events is significant and lasting. Cheri will also share her thoughts on how such threats may be recognized and mitigated, and suggest some basic questions every enterprise should be asking about its security. 11:30 a.m. Plenary Session 3 Case Study: One Organization s Response to The Emerging Cyber and Insider Threat Vincent Jarvie, Vice-President, Corporate Security, L-3 Communications Corporation In this session, you will get to hear how one prominent organization is adapting to meet emerging and changing threats. Against a background of growth, increased outsourcing and far greater mobility of employees, L-3 has to stay ever vigilant to prevent data loss or damage to the organization through inside agents. You will hear how L-3 is managing risk in an era of cloud computing, extensive use of contractors, changing technology and growth in attack vectors. 12:15 p.m. Networking Luncheon 4

5 DAY 1 / Wednesday, February 18, :15 p.m. Plenary Session 4 The Accidental Insider: Understanding and Preventing Inadvertent Leaks that Could Damage Your Organization Kevin Ripa, Owner, Computer Evidence Recovery Most of the discussion of insider threat focusses on the malicious employee or contractor who deliberately sets out to do damage to the organization. Whether driven by ideology or disaffection the intent is clear. However insider threats can also be accidental employees who unintentionally release sensitive data to outsiders. This could be a simple as losing a laptop or data stick or posting something on a social media site. In this session, data security expert Kevin Ripa will examine the ways data can be released, the potential consequences based on real life examples, and the steps organizations need to take to prevent incidents. Kevin will cover two critical categories of accidental insider threat: 1. where individuals independently and unintentionally release information 2. where outsiders use insiders and unknowing vectors for attacks This important perspective will ensure that when you develop your strategy to counter insider threat you don t only focus on the malicious but also take into account the capricious. 2:00 p.m. Plenary Session 5 After the Breach I: Conducting Effective and Legal Investigations in Your Workplace Sarah Graves, Partner, Fasken Martineau No matter how well you plan and develop systems to identify and prevent insider threats, you also need to plan what you will do if something goes wrong. 5

6 DAY 1 / Wednesday, February 18, 2015 In this first of two sessions on how best to respond we will look at how to conduct an internal investigation. You need to identify the threat, find out what information he or she has accessed, and what they have done with it. You also need to find out if they were a lone wolf or if there are accomplices or enablers still in your employ. And you need to learn what went wrong and make sure you cover any gaps in your security. But you need to be aware of what you can and can t do the restrictions the law places on you and the kinds of skills you ll need to guide an investigation forward. Questions addressed will include: the roles of HR, in-house counsel, IT and outside experts privacy issues writing an effective report the importance of recent case law common mistakes people make that could derail your investigation 2:45 p.m. Refreshment Break 3:00 p.m. Plenary Session 6 After the Breach II: Protecting Your Organization and It s Reputation Through Effective and Timely Crisis Communications Jason Maloni, Senior Vice-President and Chair, Litigation Practice, LEVICK The threat may be internal but your audience your shareholders, customers, regulators, and the public are external. In the event of a breach you need to move fast to contain damage and protect your brand. This applies whether you are the CIA or the CBC, whether you ve had sensitive information stolen and made public or a rogue employee has acted in ways that damage your reputation. And in the era of social media you can t afford to put a foot wrong otherwise a crisis will quickly become a drama and a drama where your organization and its brand is the villain. Jason Maloni has extensive experience managing crisis communications related to cyber security and insider threat having worked for governments, retailers, banks and in health care. Jason will share this extensive experience with you and help you understand that you need to start now to prepare your crisis communications response you need a team in place ready to respond at a moment s notice because as soon as there is a problem, traditional media will pounce and the public and activist organizations will take to Twitter and other social media platforms and pretty soon they will own the conversation. 6

7 DAY 1 / Wednesday, February 18, :45 p.m. Plenary Session 7 World War III? Inside and Outside Cyber Threats Defining the New World of Threat and Opportunity Dr. James L. Norrie, Dean, Business and Justice Studies, Utica College In this session, James Norrie will discuss some of the existing and emerging cyber threats to organizations in an increasingly global economy. James argues persuasively that not only have companies and governments underestimated the threats they face but they have fundamentally misunderstood the nature of those threats. For too long, organizations have looked at traditional actors with straightforward motivations as the most significant threat often looking only at narrow economic drivers. They also too often presume a level playing field in the global economy putting too much faith in the rule of law. This session will discuss how dangerous these assumptions are. New threats are emerging all the time with many actors now motivated by ideology, not money or simply the desire for anonymous celebrity. In addition, state sponsored entities have become more active with certain states devoting significant resources for apparent third parties to steal data or simply create chaos. Is this a new world war? Maybe, maybe not but the stakes are high, the threats are increasing and they are gathering inside and outside your organization motivated to do you harm. Are you ready? 4:45 p.m. Closing Remarks from the Chair Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada 5:00 p.m. Day 1 Adjourns 7

8 Agenda DAY 2 / Thursday, February 19, 2015 AT A GLANCE 7:45 a.m. Continental Breakfast 8:15 a.m. Opening Remarks from the Chair 8:30 a.m. Plenary Session 8 9:30 a.m. Plenary Session 9 10:15 a.m. Refreshment Break 10:30 a.m. Plenary Session 10 11:00 a.m. Plenary Session 11 11:30 a.m. Plenary Session 12 12:15 p.m. Conference Adjourns 7:45 a.m. Continental Breakfast 8:15 a.m. Opening Remarks from the Chair Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada 8:30 a.m. Plenary Session 8 Cyber Security Principles for Leaders Fundamentals of a Risk-Aware Organization Kristin Lovejoy, Global General Manager, IBM Security Services, IBM Canada Ltd. Cyber threats have become a key boardroom agenda item and significant technical concern for many organizations today, with the potential to bring down an organization s network, create compliance issues, damage bottom lines, and impact brand reputation. Over 95% of (IT Security) incidents investigated recognize human error as a contributing factor to the threats. And although many organizations invest a significant portion of their operational budget in defending their organization against IT threats, they still find they have cyber security challenges. IBM s Kris Lovejoy has extensive, first-hand experience in this area. Prior to heading IBM s Security Services business, Kris served as IBM s Global Chief Information Security Officer (CISO). In this session, she will provide insights into the major IT threats that organizations face in addressing the growth of cyber incidents and sophisticated attacks, and how organizations can better prepare and defend their critical data and their enterprise. 8

9 DAY 2 / Thursday, February 19, :30 a.m. Plenary Session 9 Responding to Complex New Reality The Emerging Insider Cyber Threat Francis Bradley, Vice-President, Policy Department, Canadian Electricity Association Francis Bradley is responsible for the Canadian Electricity Association s overall policy development and its critical infrastructure protection programs. In this session, Francis will discuss how electricity generators, transmitters and distributors are responding to an increasingly threatening environment. His talk will cover issues such as: how risks have increased in the last decade increasing threat vectors how increasing interconnectedness translates into increased risk the need for greater collaboration between organizations understanding the complexity created by increased use of contractors broadening your horizons to include critical suppliers and service providers 10:15 a.m. Refreshment Break 10:30 a.m. Plenary Session 10 Insider Threat and Cybersecurity: The RCMP Perspective Michel Aubin, Director General, CISC, Royal Canadian Mounted Police The RCMP is responsible for large amounts of confidential and sensitive information both its own and as custodian for other police forces across the country. To protect this information from theft or malicious damage the RCMP has increased its focus on insider threats - both in regards to accidental release and where outside organizations recruit insiders to steal data. In short there are many people and organizations who want to know what the RCMP knows about them and their activities. And in many cases protection of this information is a matter of life and death. In this session, Michel Aubin will discuss the extent of the problem and its recent growth and how the threat is changing. He will discuss the relative importance of the threat and how this determines the resources available to address it. He will also discuss how the RCMP is collaborating with other forces to ensure greater security of data across the country. 9

10 DAY 2 / Thursday, February 19, :00 a.m. Plenary Session 11 Industry, Government, and Academia Collaborating to Create a Secure Canada Dr. Tony J. Bailetti, Director, Technology Innovation Management, Carleton University and Executive Director (Acting), VENUS Cybersecurity Corporation, Carleton University In an environment of escalating cyber threats it is clear that there needs to be greater cooperation between sectors in order to ensure Canada could become a leader in cybersecurity. As a result, VENUS Cybersecurity Corporation was established. VENUS is an independent not-for-profit that provides the people, space, and infrastructure to work on complex, leading-edge cybersecurity problems affecting individuals, businesses, and governments throughout the world. In this session, you will hear about the environment that makes VENUS necessary, the progress made to date, its activities including research and education, and its vision for a cybersecurity ecossystem that supports the innovation of Canadians addressing this vital issue. 11:30 a.m. Plenary Session 12 Closing Session and Remarks from the Chair Dr. Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, The Conference Board of Canada This closing session will both summarize some of the key lessons learned during the event and cast an eye on the future. Central to this discussion will be an exploration of the gaps many organizations have when it comes to addressing insider and cyber threats, both those that exist today and those that might develop in the future. This will lead into an introduction and launch of the Board s new Centre for Cyber Security and invitation for delegates to suggest areas of study. 12:15 p.m. Conference Adjourns 10

11 Registration REGISTER NOW! or Register now and save! Individual Rates Before Dec. 18, 2014 Before Jan. 19, 2015 After Jan. 19, 2015 Regular Rate $1,355 $1,455 $1,555 Promotional Rate $1,155 $1,155 $1,155 Conference Board Executive Network Rate $778 $778 $778 Your registration in this event includes the sessions, continental breakfasts, breaks, luncheon, and a link to speaker presentations. TO REGISTER Online Fax PDF form to Phone or All registrations will be confirmed. Program subject to change. Events are HST exempt. Please see for our cancellation policy. CONFERENCE VENUE Shaw Centre (formerly the Ottawa Convention Centre) 55 Colonel By Dr, Ottawa ON K1N 9J2 HOTEL ACCOMMODATIONS The Westin Ottawa 11 Colonel By Dr, Ottawa ON K1N 9H4 Tel Conference fees don t include accommodations. Please contact the hotel directly for reservations, and mention The Conference Board of Canada to receive the preferred rate of $179, available until Jan. 12, Should you need to cancel your reservation, you must do so 72 hours prior to arrival to avoid penalty of one night room and tax. SPECIAL OFFERS 4-for-the-price-of-3 team offer! Visit or call to find out more. Network Members save on registration! Members of The Conference Board of Canada executive networks save 50% off registration for all upcoming conferences! For details, contact ext. 236 or [email protected]. Earn Directors College Continuing Professional Development (CPD) Hours! Conference Board of Canada conferences contribute to Continuing Professional Development (CPD) hours for Directors College, Chartered Directors. For more information on CPD requirements and criteria visit The Conference Board s Privacy Policy By registering for this event, you are giving us consent to use information you provided to help us inform you about additional Conference Board products and services. To view our Privacy Policy, visit If you wish to withdraw your consent to our use of your infor mation, contact us at [email protected] or

12 Registration Form Cyber Security and Insider Threat: Effective Strategies for Defending Your Data and Organization FEBRUARY 18 19, 2015 OTTAWA Group rates are available See for details. YES! Please register the following delegate for this event Name Title Organization Tel. Fax Mailing Address City Province Postal Code Your registration in this event includes the sessions, continental breakfasts, breaks, luncheon, and a link to speaker presentations. Fees Before Dec. 18, 2014 Before Jan. 19, 2015 After Jan. 19, 2015 Regular Rate $1,355 $1,455 $1,555 Please confirm attendance at event functions: Day 1 Networking Luncheon: Payment method: (all fees are due by the event date) Credit card (we will you a link to our secure system for payment) Cheque (payable to The Conference Board of Canada ) The Conference Board of Canada 255 Smyth Road, Ottawa ON K1H 8M7 All registrations will be confirmed. Program subject to change. Events are HST exempt. Please see for our cancellation policy. this form to: [email protected], or fax to:

13 Sponsors We d like to thank our generous sponsors for their contribution to this event. MARKETING PARTNERS SPECIAL CONTRIBUTOR Connect with your top prospects! Sponsor this event, and collaborate with senior executives, practitioners, and thought leaders. Connect your brand with the solutions, and position your organization as a leader in its field. To learn more about sponsor benefits, contact Rhonda Bradbury at or [email protected].

14 Insights. Understanding. Impact. 255 Smyth Road, Ottawa ON K1H 8M7 Canada Tel Fax Inquiries conferenceboard.ca